4ef5497fd5
FEAT(velero): activate https in falco, update
...
- velero version
2026-01-04 23:47:13 +09:00
3767a6edea
CHORE(traefik): split centralized ingress
...
- management to per-applicati...
- Moved ArgoCD ingress to argocd/ingress/
- Moved Velero ingress to velero/ingress/
- Removed centralized ingress/ingresses.yaml (single point of failure)
- Updated root kustomization.yaml to reference argocd and velero
directories
- Each application now manages its own ingress independently
2026-01-04 23:47:13 +09:00
311e8a1cc1
FEAT(velero): Add Velero UI
...
- with HAProxy Ingress at velero0213.kro.kr
2026-01-04 23:47:13 +09:00
3366a6b5b8
FEAT(velero): Add Velero, Falco,
...
- and CNPG infrastructure components
Add three critical infrastructure components via GitOps:
- Velero: Backup and disaster recovery solution
- Configured with Minio S3 backend
- Daily full cluster backups (30-day retention)
- Hourly backups for critical namespaces (7-day retention)
- Credentials managed via External Secrets from Vault
- Falco: Runtime security monitoring
- eBPF-based threat detection
- Custom rules for container security
- Falcosidekick for alert forwarding
- Prometheus metrics enabled
- CNPG (CloudNativePG): PostgreSQL operator
- Kubernetes-native PostgreSQL management
- Automated failover and backups
- Will replace Bitnami PostgreSQL
All components follow existing GitOps patterns:
- Helm charts deployed via ArgoCD
- Values managed in Git
- Automated sync with selfHeal enabled
2026-01-04 23:47:13 +09:00
